Systems Manager
💡 Definition
AWS Systems Manager (SSM) is a collection of capabilities that helps you automate operational tasks across your AWS resources and on-premises servers, making it easier to manage large fleets of instances and applications.
🔑 Key Concepts
- Unified Interface: A single console to view operational data and automate tasks across your AWS infrastructure.
- Run Command: Securely and remotely execute commands on EC2 instances or on-premises servers.
- Patch Manager: Automate patching of your operating systems and applications.
- Session Manager: Secure shell access to EC2 instances or on-premises servers without opening inbound ports.
- State Manager: Automate the process of maintaining a defined configuration for your instances.
- Parameter Store: Securely store and manage configuration data and secrets.
⚙️ How it Works
Systems Manager Agent (SSM Agent) runs on your EC2 instances and on-premises servers. It communicates with the Systems Manager service to execute tasks and collect data.
🎯 Use Cases
- Patch Management: Ensure all servers are up-to-date with security patches.
- Software Inventory: Collect details about installed software and configurations.
- Remote Command Execution: Run scripts or commands on fleets of instances.
- Secure Access: Provide secure, auditable access to instances without SSH keys or bastion hosts.
💰 Pricing Model
- Core Systems Manager capabilities: Often free for basic usage.
- Advanced Features: Charges apply for some advanced capabilities like Patch Manager (advanced features), Explorer, Automation, etc., based on usage.
📝 Exam Tips (CLF-C02)
- Systems Manager is a unified operational hub for AWS and hybrid environments.
- It's key for automation, management, and insights.
- Remember that the SSM Agent needs to be installed on instances.
- Can be used for patching, remote execution, and secure shell access.
See Also: EC2, CloudWatch, CloudFormation, IAM